[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] Python-lang gdb script to extract x86_64 guest
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [Qemu-devel] [PATCH] Python-lang gdb script to extract x86_64 guest vmcore from qemu coredump |
|
Date: |
Mon, 14 Oct 2013 09:45:25 +0200 |
On Thu, Sep 12, 2013 at 9:46 PM, Laszlo Ersek <address@hidden> wrote:
> +For simplicity, the "paging", "begin" and "end" parameters of the QMP
> +command are not supported -- no attempt is made to get the guest's
> +internal paging structures (ie. paging=false is hard-wired), and guest
> +memory is always fully dumped.
> +
> +Only x86_64 guests are supported.
> +
> +The CORE/NT_PRSTATUS and QEMU notes (that is, the VCPUs' statuses) are
> +not written to the vmcore. Preparing these would require context that is
> +only present in the KVM host kernel module when the guest is alive. A
> +fake ELF note is written instead, only to keep the ELF parser of "crash"
> +happy.
I found the lack of register state and paging information is easy to
work around for guest kernel debugging:
The Linux 32-bit PAE guest kernel I tried identity maps physical
memory to 0xc0000000. Set program header p_vaddr fields to the
physical address + 0xc0000000 in order to produce an ELF suitable for
gdb kernel debugging.
Also, you can get a snapshot of CPU registers from QEMU's first_cpu
list. They are probably outdated since the KVM register state isn't
synced on every exit but the cr registers contain useful information
on paging. In other words, it may still be possible to reconstruct
page tables by traversing cr3.
Stefan